US-10706154

Enabling a secure boot from non-volatile memory

Published: July 7, 2020
Assignee: not available in USPTO data we have
Inventors: not available in USPTO data we have
Technical Abstract

A system may include a host that may include a processor coupled to a non-volatile memory over a secure communication protocol. As a result, prior to release for manufacturing, a binding code may be established between the host and the non-volatile memory. In some embodiments, this binding code may be stored on the non-volatile memory and not on the host. Then during a boot up of the system, the boot up process may be initiated by the host using code associated with the host, followed by secure booting using the secure protocol using code stored on the non-volatile memory.

Patent Claims
20 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1. A non-transitory computer readable medium having instructions stored therein that, when executed by a processor, operates to perform a method comprising: transmitting a bind command and one or more parameters to a non-volatile memory; accessing a response from the non-volatile memory to the bind command and extracting a secret key; encrypting binding code, wherein the binding code is configured to be executed by a host to enable encrypted communications between the host and a non-volatile memory; and storing the encrypted binding code in a binding code storage of the non-volatile memory, the binding code storage configured to store the binding code.

2. The computer readable medium of claim 1, wherein transmitting the bind command and the one or more parameters includes transmitting one or more parameters indicative of a key type.

3. The computer readable medium of claim 2, wherein transmitting the one or more parameters includes transmitting at least one of X, g, or n in a Diffie-Hellman key exchange algorithm.

4. The computer readable medium of claim 1, further comprising instructions stored therein that, when executed by a processor, operates to perform the method further comprising: storing a first boot code on the non-volatile memory; and enabling a second boot code on the host to initiate a booting process and transferring the booting process to the first boot code stored on the non-volatile memory.

5. The computer readable medium of claim 4, further comprising instructions stored therein that, when executed by a processor, operates to perform the method further comprising executing the binding code to facilitate transfer of the first boot code from the non-volatile memory to the host.

6. The computer readable medium of claim 4, further comprising instructions stored therein that, when executed by a processor, operates to perform the method further comprising: reading the binding code stored in the non-volatile memory with the second boot code; decrypting the binding code with the host; and storing the binding code on the host.

7. A non-transitory computer readable medium having instructions stored therein that, when executed by a processor, operates to perform a method comprising: storing a secret key in a volatile memory of a host, the secret key extracted from a response to a bind command; establishing encrypted communication between the host and a non-volatile memory via binding code executable by the host, wherein the encrypted communication is established using the secret key to encrypt the binding code stored at the host; and storing a boot code in a boot code storage, and providing the boot code and the binding code to the host, wherein the boot code is provided to the host via the encrypted communications.

8. The computer readable medium of claim 7, wherein the non-volatile memory comprises an execute-in-place memory.

9. The computer readable medium of claim 7, further comprising instructions stored therein that, when executed by a processor, operates to perform the method further comprising configuring the host to establish the encrypted communication via a Diffie-Hellman key exchange algorithm.

10. The computer readable medium of claim 7, further comprising instructions stored therein that, when executed by a processor, operates to perform the method further comprising providing the binding code to the host responsive, at least in part, to a request for the binding code from the host.

11. The computer readable medium of claim 10, wherein the request for the binding code from the host is initiated by a second boot code executed on the host.

12. The computer readable medium of claim 7, wherein the boot code is configured to boot the host.

13. The computer readable medium of claim 7, wherein the non-volatile memory comprises flash memory.

14. A method comprising: generating, via a host, a bind command; receiving the bind command at a non-volatile memory coupled to the host, and generating a response to the bind command and providing the response to the host, the host configured to extract a secret key from the response to the bind command, wherein the host configures a binding code based, at least in part, on the response and provides the binding code to a binding code storage of the non-volatile memory; and establishing encrypted communication, via the binding code, between the non-volatile memory and the host when the binding code is executed by the host using the secret key.

15. The method of claim 14, wherein generating, via the host, the bind command includes generating one or more parameters indicative of a key type.

16. The method of claim 14, wherein generating, via the host, the bind command includes generating one or more parameters comprising at least one of X, g, or n in a Diffie-Hellman key exchange algorithm.

17. The method of claim 14, further comprising generating an identification tag for the host to identify a key in the future.

18. The method of claim 14, further comprising generating the bind command responsive to executing a first boot code on the host.

19. The method of claim 18, further includes storing a second boot code on the non-volatile memory.

20. The method of claim 19, further includes executing, via the host, the second boot code responsive, at least in part, to establishment of the encrypted communication between the non-volatile memory and the host.
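The bind exchange of claims 1 to 3 and the later decrypt step of claim 6 can be modelled in a few lines. This is an added example, not code from the patent or from this site. The class and function names, the demonstration-sized Diffie-Hellman group, the SHA-512 key derivation and the SHAKE-256 plus HMAC sealing are all assumptions, since the page names no cipher or group.

```python
import hashlib, hmac, secrets

# Demonstration-sized group, constructed for this example; not a deployment choice.
N = 2**255 - 19  # prime modulus "n"
G = 2            # generator "g"

def kdf(shared):
    """Split the shared DH value into an encryption key and a MAC key."""
    d = hashlib.sha512(shared.to_bytes(32, "big")).digest()
    return d[:32], d[32:]

class NonVolatileMemory:
    """Hypothetical model of the memory side of the bind command."""
    def __init__(self):
        self.binding_code_storage = None
        self.keys = None

    def bind(self, key_type, g, n, X):
        if key_type != "DH" or not 1 < X < n - 1:
            raise ValueError("bind parameters rejected")
        y = secrets.randbelow(n - 3) + 2       # memory's private exponent
        self.keys = kdf(pow(X, y, n))
        return pow(g, y, n)                    # response: public value Y

def _xor(data, enc_key, nonce):
    stream = hashlib.shake_256(enc_key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(keys, plaintext):
    """Encrypt-then-MAC; stands in for whatever cipher a real part uses."""
    nonce = secrets.token_bytes(16)
    ct = _xor(plaintext, keys[0], nonce)
    return nonce + ct + hmac.new(keys[1], nonce + ct, hashlib.sha256).digest()

def unseal(keys, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(keys[1], nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("binding code failed integrity check")
    return _xor(ct, keys[0], nonce)

def provision(nvm, binding_code):
    """Host side: bind, extract the secret, store the encrypted binding code."""
    x = secrets.randbelow(N - 3) + 2           # host's private exponent
    Y = nvm.bind("DH", G, N, pow(G, x, N))
    if not 1 < Y < N - 1:
        raise ValueError("bind response rejected")
    keys = kdf(pow(Y, x, N))
    nvm.binding_code_storage = seal(keys, binding_code)
    return keys
```

The exchange is unauthenticated Diffie-Hellman, so it only binds the intended pair when it runs in a trusted setting, such as the pre-manufacturing stage the abstract describes.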

Patent Metadata

Filing Date: May 21, 2018

Publication Date: July 7, 2020

Cite as: Patentable. “Enabling a secure boot from non-volatile memory” (US-10706154). https://patentable.app/patents/US-10706154